|Covert Crawling: A Wolf Among Lambs - Acidus|
Web application IDS evasion techniques and countermeasures is a mature area of study. LibWhisker-based apps and Snort have been in a tug-of-war for years. However, the initial reconnaissance of a website or web app has been largely neglected. Its either done by hand (which is tedious) or with a traditional crawler like wget (which is very noisy). An automated crawl appears as an enormous spike in hit count and byte transfer that is well outside the bell-curve for normal users...
Keywords: Shmoocon; 2006; Acidus; Covert Crawling; Hackercons; Presentation; Hacking; Hackers
|A Young Gentleman's Primer on the Reading and Emulation of Magnetic Cards - Mark Abend|
Magnetic cards have been in the wild for years. In that time, there has been lots of talk about how to read them, but most of the information on how to duplicate them has been limited to "Magnetic card writers are too expensive for you." The goal of this presentation is to give an overview of magnetic card technology, demonstrate a way to deceive a card reader into thinking it just saw a card, and demonstrate a cheap card duplicator...
Keywords: Shmoocon; 2006; Abend; Magnetic Cards; Hackercons; Presentation; Hacking; Hackers